We are using the cloud-hosted Bitwarden solution with Premium subscriptions.
Got a user who lost the master password. The policy to allow admin to reset the master password was not activated back then, thus I couldn’t reset his password.
In order to progress on this, I removed the user from the organization in hope it would purge it from the system and give him the opportunity to use a new invitation link and get back on board.Which failed.
He didn’t have any password added in his vault, thus not much was lost except our time. The user requested a delete account link, as per the documentation to delete a personal account without logging
Even then, he couldn’t re-create an account; rather he had the warning his account still existed and to use his master password to log into it.
All in all, what did we do wrong?
Can you confirm that the user was indeed able to verify the email sent for account deletion and the link in the email was clicked?
This should purge all data related to the account and allow you to create the user again.
Overall it sounds like the steps were followed correctly, so this should have deleted the account.
Do you know if your Org happens to use SSO?
When testing, if an account already exists when attempting to create an account the error provided seems to be
An error has occurred.
Email '[email protected]' is already taken.
Indeed, we use SSO. In which case the user should “login through SSO” rather than “Create account”. I had issues with my alpha because end-users logically go through the process of creating the account rather than login. Unfortonately, it remains confusing even for tech-savy ones.
I’ll double-check with the user his flow and make sure he goes through SSO login. I assume that you point out that’s where the issue would be. Correct?
The few times I have seen a similar issue here, it was solved by contacting support. Since you are cloud-hosted, perhaps that would be an option for you, as well.